VP/Chief Information Security Officer

Are you looking for a rewarding career? If so, we invite you to join our team at Amedisys, one of the largest and most trusted home health and hospice companies in the U.S.

Attractive pay:

Base compensation starting at $200,000.00

Our compensation reflects the cost of labor across several U.S. geographic markets and may vary depending on location, job-related knowledge, skills, and experience.

What's in it for you

• A full benefits package with choice of affordable PPO or HSA medical plans.
• Paid time off.
• Up to $1,000 in free healthcare services paid by Amedisys yearly, when enrolled in an Amedisys HSA medical plan.
• Up to $500 in wellness rewards for completing activities during the year. Use these rewards to support your wellbeing with spa services, gym memberships, sports, hobbies, pets and more.*
• Mental health support, including up to five free counseling sessions per year through the Amedisys Employee Assistance program.
• 401(k) with a company match.
• Family support with infertility treatment coverage*, adoption reimbursement, paid parental and family caregiver leave.
• And more.

Please note: Benefit eligibility can vary by position depending on shift status.

*To participate, you must be enrolled in an Amedisys medical plan.

**For full-time caregivers meeting certain requirements.

The VP/CISO is responsible for establishing and maintaining a corporate wide Information Security Program to ensure that information assets are adequately protected. Responsible for overseeing the IT Security team.

• Develops, implements, and monitors a strategic, comprehensive enterprise Information Security and IT Risk Management Program to ensure the integrity, confidentiality, and availability of information owned, controlled, or processed by the organization.
• Oversees creation and implementation of information security awareness training programs for all employees, contractors, and approved system users.
• Provides subject matter expertise to executive management and the board on a broad range of information security standards and best practices such as, NIST Cyber Security Framework, ISO 27000 series, Control Objectives for Information Technology (COBIT) and Information Technology Infrastructure Library (ITIL).
• Oversees creation of policies and procedures regarding areas such as business continuity planning, loss prevention and fraud prevention, and privacy.
• Chairs the Information Security Risk Council.
• Manages and maintains emergency procedures and incident response process. Investigates security breaches.
• Conducts or oversees audits to assess the security platform.
• Develops business-relevant metrics to measure the efficiency and effectiveness of the Information Security Program, facilitates appropriate resource allocation, and continually increases the maturity of the security program.
• Maintains up-to-date knowledge of threats and risks facing the company and the industry.
• Ensures creation and stability of a security team that implements and manages the Information Security Program.
• Ensures compliance with policies, procedures and regulatory mandates including but not limited to abiding to the terms of the Amedisys Compliance Program.
• Monitors and evaluates employee performance. Holds employees accountable for the attainment of defined goals and objectives. Executes effective performance redirection when needed. Develops employees through coaching, mentoring, and formal/on the job training and development opportunities.
• Performs other duties as assigned.

• Bachelor's degree in business administration or a technology-related field, and/or equivalent work or education experience.
• Twelve (12+) years of Information Security experience
• Seven (7+) years' management experience.

• Professional certification, such as a CISSP, CISM, CISA or other information security credentials.
• Knowledge of security and control frameworks, such as NIST 800-53, ISO 17799, COBIT, COSO, and ITIL.
• Experience in a combination of risk management, information security and IT jobs.

Amedisys is an equal opportunity employer. All qualified employees and applicants will receive consideration for employment without regard to race, color, religion, sex, age, pregnancy, marital status, national origin, citizenship status, disability, military status, sexual orientation, genetic predisposition or carrier status or any other legally protected characteristic.